New Friendly Name Filter

Friends, everyone has them, the good ones, the bad ones, and the ones that you will wind up in a cell with after one too many. Friends share everything from deep dark secrets that they make each other swear to never tell a soul about to funny videos from YouTube, no matter what the subject or content, it is always nice to hear from a friend.

That is, however, until your “friend” sends you an email with an attachment containing ransomware or a link to a malicious download and suddenly all your files and pictures become encrypted and you’re faced with a note demanding bitcoins to unencrypt them.

This type of email attack, often called an impersonation attack, has begun to see a rise in popularity, thanks to smartphones and the way email is displayed on the small screens.

When an email is opened on a desktop computer, the email address and a display name are shown so the hacker has to spoof the email address and security services have checks for that. However, on mobiles, the smaller screen limits the amount of information shown, usually showing the display name only. While this may seem like a minor problem, it leaves the user vulnerable to friendly name spoofing which is often not detected by their email security service.

Display names can be easily changed to display any name the sender chooses, giving scammers an easy way to trick users into downloading or clicking on malicious links. These types of attacks are hard for email security companies to catch as they typically come from Gmail or other freemail addresses and not from spoofed addresses, which is what most services block.

Our new friendly name filter, however, does what many other companies fail to do, it blocks impersonation attacks before they reach the user.

The new filter looks at various parts of an email including the header from, reply to, and username portion of an email to verify if the email is authentic or an impersonation attack.

This allows users to be sure the email that appears to be coming from their friend (or even their boss) is not a scammer in disguise.